news 2026/7/11 2:32:56

RSA 字符串映射变形加密题 Writeup

作者头像

张小明

前端开发工程师

1.2k 24
文章封面图
RSA 字符串映射变形加密题 Writeup

一、题目源码分析

```python

from Crypto.Util.number import *

from secret import flag

def encrypt1(n):

n1 = hex(n>>200).encode()

n2 = str(hex(n))[20:].encode()

return n1,n2

def encrypt2(m , n_1):

c_1 = pow(m,e_1,n_1)

def encrypt3(m , n_2):

c_2 = pow( m , e_2 , n_2)

def encrypt4(m):

k = getPrime(512)

m = m % k

c_3 = pow(m, e_2, n_3)

return m, k

m1_raw,m2_raw = encrypt1(flag)

m1 = bytes_to_long(m1_raw)

m2 = bytes_to_long(m2_raw)

encrypt2(m1,n_1)

encrypt3(n1,n_2)

encrypt4(m2)

```

输出给出参数

```

n_2 = 675835056431522362944898323336128967810604111341771166424819153316861123229670037225545557183176982348673180364605892282514726016094247816130047391894056647452480835163557236407780499396076328619177440772116626645008922639448957963358124728566763693427918065300085120761329192988171031357513082056395909829128090723062007098901860182562022216900707805868351802418466423256484825705463385883821440134121804142293850861580896363541236019018383788880726735506046551222407821054687699056275935434957490772401552531501

n_3 = 91294511667572917673898699346231897684542006136956966126836916292947639514392684487940336406038086150289315439796780158189004157494824987037667065310517044311794725172075653186677331434123198117797575528982908532086038107428540586044471407073066169603930082133459486076777574046803264038780927350142555712567

e_1 = 65537

e_2 = 3

c_1 = 47029848959680138397125259006172340325269302342762903311733700258745280761154948381409328053449580957972265859283407071931484707002138926840483316880087281153554181290481533

c_2 = 332431

c_3 = 11951299411967534922967467740790967733301092706094553308467975774492025797106594440070380723007894861454249455013202734019215071856834943490096156048504952328784989777263664832098681831398770963056616417301705739505187754236801407014715780468333977293887519001724078504320344074325196167699818117367329779609

m = 9530454742891231590945778054072843874837824815724564463369259282490619049557772650832818763768769359762168560563265763313176741847581931364

k = 8139616873420730499092246564709331937498029453340099806219977060224838957080870950877930756958455278369862703151353509623205172658012437573652818022676431

```

二、解题前置推导

1. 关于$m_2$:`encrypt4`内执行$m_2 \% k$,输出的$m$是取模结果,出题构造保证$m_2 < k$,因此$m_2 = m$。

2. 关于$m_1$:$n_1$存在小素因子$p=12001163$,可分解模数,利用RSA私钥解密$c_1$得到$m_1$。

3. 核心映射关系

- $m_1 = \mathrm{bytes\_to\_long}(\mathrm{hex}(flag\_num >> 200).encode())$

- $m_2 = \mathrm{bytes\_to\_long}(\mathrm{hex}(flag\_num)[20:].encode())$

其中$flag\_num$为flag明文对应的十进制整数;$\mathrm{bytes\_to\_long}$是将ASCII字节序列直接按大端转为整数,该变换单向,无法通过`long_to_bytes`直接还原原始字符串。

4. 位与十六进制换算:1个十六进制字符占4bit

- 200bit = 50个十六进制字符,$flag\_num >> 200$等价于截断完整十六进制串末尾50字符

- `hex(flag_num)[20:]`等价于截断完整十六进制串前20字符

三、分步解题代码

1.RSA解密获取m1

```python

from Crypto.Util.number import inverse

p = 12001163

q = 44855690771929550739782329707223288927131821419455028352237125128361403243141521969624573650335136882039947325488862394629147693110596682682340652476268895560578656848803506494143984161874672364601450773738897358948372140220823428809201635588714501538552394072148267693833438724911163306215662770049528518955045500428750705152647304478909437102113170687570179858274270856623214408925483795513938118674148842265857972396583261434015688231080920147549594610626199412707570179214106087574673840773389276722727

n1 = p * q

e1 = 65537

c1 = 47029848959680138397125259006172340325269302342762903311733700258745280761154948381409328053449580957972265859283407071931484707002138926840483316880087281153554181290481533

phi = (p - 1) * (q - 1)

d = inverse(e1, phi)

m1 = pow(c1, d, n1)

m2 = 9530454742891231590945778054072843874837824815724564463369259282490619049557772650832818763768769359762168560563265763313176741847581931364

```

2.SageMath BFS逆向,还原原始十六进制字符串

```sage

from Crypto.Util.number import bytes_to_long

from collections import deque

def str2num(s):

return bytes_to_long(s.encode("ascii"))

def find_str(target):

char_set = "0123456789abcdefx"

queue = deque(char_set)

while queue:

cur = queue.popleft()

val = str2num(cur)

if val == target:

return cur

if val < target:

for c in char_set:

queue.append(cur + c)

return None

3.还原两段原始hex文本

s_upper_raw = find_str(m1)

s_lower_raw = find_str(m2)

s_upper = s_upper_raw.removeprefix("0x")

len_lower = len(s_lower_raw)

full_total_len = 20 + len_lower

cut_tail = 50

prefix_required_len = full_total_len - cut_tail

补齐前导零

prefix_full = s_upper.zfill(prefix_required_len)

head_20 = prefix_full[:20]

full_hex = head_20 + s_lower_raw

4.转换明文

flag_num = int(full_hex, 16)

flag_bytes = long_to_bytes(flag_num)

print("flag{" + flag_bytes.decode("ascii") + "}")

```

四、干扰项说明

$n_2、c_2、n_3、c_3$仅用于生成$m$,无其他作用;`encrypt3`为无关干扰加密,全程无需参与计算。

五、运行说明

代码必须在SageMath环境执行,依靠广度优先搜索完成单向映射的逆向匹配,匹配完成后拼接完整十六进制串,直接输出标准flag格式字符串。

版权声明: 本文来自互联网用户投稿,该文观点仅代表作者本人,不代表本站立场。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如若内容造成侵权/违法违规/事实不符,请联系邮箱:809451989@qq.com进行投诉反馈,一经查实,立即删除!
网站建设 2026/7/11 2:30:43

Store Sales 数据清洗实战:处理 4.2 万条重复记录与 43 天油价缺失值

Store Sales 数据清洗实战&#xff1a;处理 4.2 万条重复记录与 43 天油价缺失值当面对真实世界的数据集时&#xff0c;数据清洗往往是数据分析过程中最耗时但也最关键的环节。Kaggle 上的 Store Sales 时间序列预测竞赛提供了一个绝佳的机会&#xff0c;让我们能够深入探讨如何…

作者头像 李华
网站建设 2026/7/11 2:24:13

UE5大场景植被阴影优化:从原理到RTX 3090实战调优

1. 项目概述&#xff1a;当UE5大场景的“电影感”撞上性能天花板做UE5大场景&#xff0c;尤其是那种一眼望不到头的开放世界或者超大型数字孪生场景&#xff0c;最让人头疼的往往不是模型精度&#xff0c;而是“氛围感”与“流畅度”之间的终极拉扯。而这场拉扯的核心战场之一&…

作者头像 李华
网站建设 2026/7/11 2:23:29

Unity动画性能优化:AnimatorLOD Pro插件原理、配置与实战指南

1. 项目概述&#xff1a;为什么我们需要一个专门的动画优化插件&#xff1f;如果你在Unity里做过稍微复杂点的项目&#xff0c;特别是角色多、动画状态复杂的游戏&#xff0c;比如开放世界RPG、MMO或者大型策略游戏&#xff0c;那你大概率被Animator的性能问题折磨过。我说的不…

作者头像 李华
网站建设 2026/7/11 2:19:41

ESP8266/32 Arduino 连接 Tuyalink:HMAC-SHA256 认证与 TLS 证书配置 3 大要点

ESP8266/32 Arduino 连接 Tuyalink&#xff1a;HMAC-SHA256 认证与 TLS 证书配置 3 大要点在物联网设备开发中&#xff0c;安全连接是实现商业应用的基础要求。本文将深入探讨 ESP8266/ESP32 通过 Arduino 环境安全连接 Tuyalink 云平台的三大关键技术要点&#xff0c;帮助开发…

作者头像 李华
网站建设 2026/7/11 2:19:20

如何快速提升游戏效率:智能英雄联盟助手的完整使用攻略

如何快速提升游戏效率&#xff1a;智能英雄联盟助手的完整使用攻略 【免费下载链接】League-Toolkit An all-in-one toolkit for LeagueClient. Gathering power &#x1f680;. 项目地址: https://gitcode.com/gh_mirrors/le/League-Toolkit 你是否曾在英雄联盟游戏中因…

作者头像 李华